Quality Open Software logback is a logging framework for Java applications from Quality Open Software of Switzerland. quality Open Software logback in versions 1.2.7 and earlier is vulnerable to remote code execution, which stems from a failure to effectively filter user input. The vulnerability stems from a failure to effectively filter user input, which can be exploited to craft malicious configurations that allow the execution of arbitrary code loaded from an LDAP server.
CPE | Name | Operator | Version |
---|---|---|---|
quality open software logback | le | 1.2.7 |